Blog

Hackers Are Demanding Extra Ransomware Payments From Victims

Hackers who use ransomware to conduct their attacks have a new trick up their sleeves. A ransomware family has begun employing the tactic of not only demanding payment to unlock infected systems, but also demanding an additional payment.

They're demanding an extra payment to keep them from publishing copies of the files they stole before encrypting everything.

Hackers have been making the claim for years that they were doing more than just encrypting files, but actually exfiltrating data too. It wasn't until recently, though (November 2019) that a group actually published stolen data as proof that this was, in fact, occurring.

Although this tactic is only currently in use by a hackers deploying the Ako Ransomware, you can bet that the idea will spread like wildfire. After all, there's no real downside as far as the hackers are concerned, and they can coax a bit more money out of the companies, individuals, and organizations they successfully attack.

Bleeping Computers recently interviewed an Ako operator, who confirmed that the tactic was in use and had been successful. The operator said that the tactic was only used on certain victims, depending on the size of the company and the type of data that was stolen. They were very upfront and matter of fact about it.

This underscores two important points:

First, ransomware attacks are data breaches. The hackers aren't just encrypting your files, they're making off with copies too.

Second, backups are incredibly important! Having up to date backups won't prevent a hacker who successfully breaches your system from releasing the data they stole if you don't pay. At the very least, however, you can get your company up and running again in short order without having to pay to have your files decrypted. Sadly, too many companies still don't have a robust backup plan in place. If that describes your company, it's well past time to change that.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are as essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.